package com.gjszn.kh.controller.admin;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.support.RedirectAttributesModelMap;

import com.alibaba.fastjson.JSONObject;
import com.gjszn.kh.model.AdminPO;
import com.gjszn.kh.service.AdminService;
import com.gjszn.kh.utils.CheckUtil;
import com.gjszn.kh.utils.ImageUtil;

/**    
* @Title: AdminController.java  
* @Package com.gjszn.kh.controller    
* @author jys@nx-yt.com    
* @date 2015年12月30日 下午5:50:00  
* @version V1.0    
* @Description: TODO(用一句话描述该文件做什么)
********************************************/
@Controller
@RequestMapping("/mgr")
public class AdminController {
	
	private static Logger log = LogManager.getRootLogger();
	
	@Autowired
	private AdminService adminService;
	
	@RequestMapping("login")
	public String toLogin(){
		return "admin/login";
	}
	
	@RequestMapping("loginout")
	public String loginOut(HttpServletRequest request){
		request.getSession().invalidate();
		return "redirect:/mgr/login";
	}
	
	@RequestMapping("yzm")
	public void yzm(String yzm, HttpServletRequest request, HttpServletResponse response){
		ImageUtil.createYZM(request, response);
	}
	
	@RequestMapping("yzm/check")
	public @ResponseBody JSONObject checkYZM(String yzm, HttpServletRequest request){
		JSONObject jsonObject = new JSONObject();
		String ss_yzm = (String) request.getSession().getAttribute("yzm");
		if(yzm != null && ss_yzm!=null && !"".equals(yzm) && !"".equals(ss_yzm) && ss_yzm.equals(yzm)){
			jsonObject.put("status", 1);
			jsonObject.put("msg", "验证码正确");
		}else{
			jsonObject.put("status", -1);
			jsonObject.put("msg", "验证码不正确");
		}
		return jsonObject;
	}
	
	@RequestMapping(value="doLogin", method=RequestMethod.POST)
	public String doLogin(String userName, String password, String yzm, HttpServletRequest request, RedirectAttributesModelMap redirectAttributesModelMap){
		if(CheckUtil.isEmpty(userName, password, yzm)){
			// 登录参数不能为空
			log.info("userName:" + userName + ", 在ip:" + request.getRemoteHost() + "登录失败");
			redirectAttributesModelMap.addFlashAttribute("msg", "用户名、密码、验证码不能为空！");
			return "redirect:/mgr/login";
		}
		String ss_yzm = (String) request.getSession().getAttribute("yzm");
		if(ss_yzm==null || !yzm.equals(ss_yzm)){
			redirectAttributesModelMap.addFlashAttribute("msg", "验证码不正确！");
			return "redirect:/mgr/login";
		}
		AdminPO adminPo = adminService.doLogin(userName, password);
		if(adminPo == null){
			// 登录失败
			log.info("userName:" + userName + ", 在ip:" + request.getRemoteHost() + "登录失败");
			redirectAttributesModelMap.addFlashAttribute("msg", "用户或密码不正确");
			return "redirect:/mgr/login";
		}
		
		// 将登陆信息保存到session中
		request.getSession().setAttribute("sysAdmin", adminPo);
		return "redirect:/admin/main";
	}
	
	
}

